CVSS 3.1 Score 6.4 of 10 (medium)


Published Dec 28, 2023
Updated: Jan 4, 2024
CWE ID 798


CVE-2023-49228 is a vulnerability found in Peplink Balance Two devices before version 8.4.0. The issue arises from the console port authentication using hard-coded credentials, which allows an attacker with physical access and sufficient knowledge to execute arbitrary commands as root. The affected product is the Peplink Balance Two. To remediate this vulnerability, users should update their Peplink Balance Two devices to version 8.4.0 or later. This vulnerability poses a medium-level threat to organizations as it has a base severity score of 6.4 and high impact on integrity and confidentiality, with the potential for unauthorized control over affected devices if exploited physically by an attacker.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-49228 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options